Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implemented wildcard includes for ipsec/strongswan #3311

Merged
merged 1 commit into from
Mar 12, 2019
Merged

Implemented wildcard includes for ipsec/strongswan #3311

merged 1 commit into from
Mar 12, 2019

Conversation

stumbaumr
Copy link
Contributor

So this is the PR mentioned here
#3298

It just adds wildcard includes to
ipsec.conf
ipsec.secrets
strongswan.conf

Best regards
Rainer

@fichtner
Copy link
Member

does this require empty stub files or is it ok for strongswan if no files are present?

@stumbaumr
Copy link
Contributor Author

stumbaumr commented Mar 11, 2019
edited
Loading

It complains for some but does start...

...
-rw-r--r--   1 root     wheel       386 Mar 11 09:36 strongswan.mobile.conf
-rw-------   1 root     wheel        49 Mar 11 09:38 ipsec.mobile.secrets
-rw-r--r--   1 root     wheel      1178 Mar 11 09:45 ipsec.mobile.conf
-rw-r--r--   1 root     wheel       891 Mar 11 09:46 strongswan.conf
-rw-------   1 root     wheel        88 Mar 11 09:46 ipsec.secrets
-rw-r--r--   1 root     wheel       968 Mar 11 09:46 ipsec.conf
-rw-r--r--   1 root     wheel     17089 Mar 11 09:46 filter_tables.conf
root@opnsense01:/usr/local/etc # mv *.mobile.* /root/
root@opnsense01:/usr/local/etc # ipsec stop
Stopping strongSwan IPsec...
root@opnsense01:/usr/local/etc # ipsec start
no files found matching '/usr/local/etc/strongswan.*.conf'
Starting strongSwan 5.7.2 IPsec [starter]...
no files found matching '/usr/local/etc/ipsec.*.conf'
no netkey IPsec stack detected
no KLIPS IPsec stack detected
no known IPsec stack detected, ignoring!
root@opnsense01:/usr/local/etc # echo $?
0
root@opnsense01:/usr/local/etc #

@fichtner
Copy link
Member

ok, thanks for the clarification :)

@stumbaumr
Copy link
Contributor Author

Thanks for being so quick - this is really cool!!!

@stumbaumr
Copy link
Contributor Author

This actually solves
#3295
and
#3300

@AdSchellevis AdSchellevis merged commit acdf14e into opnsense:master Mar 12, 2019
AdSchellevis added a commit that referenced this pull request Mar 12, 2019
@AdSchellevis
IPsec, change paths for #3311 to align more with the standard sample …
a4d157d 
…configurations we ship
@AdSchellevis
Copy link
Member

@stumbaumr can you test a4d157d ? I've dropped the files in directories, which is more aligned with the standard samples that are shipped with the software on our end.

e.g. /usr/local/etc/strongswan.conf.sample

@stumbaumr
Copy link
Contributor Author

@AdSchellevis I created comments in your PR - there seems to be a mixup with directory names...

AdSchellevis added a commit that referenced this pull request Mar 12, 2019
@AdSchellevis
ipsec, mixed-up includes see #3311
dfd48d2
@AdSchellevis
Copy link
Member

@stumbaumr oops, my mistake, it seems that I mixed them up indeed. take 2 --> dfd48d2

@stumbaumr
Copy link
Contributor Author

@AdSchellevis ok, now it works as intended.

@AdSchellevis
Copy link
Member

@stumbaumr ok, thanks for confirming

@fichtner fichtner mentioned this pull request Mar 12, 2019
Closed
@not-implemented not-implemented deleted the ipsec-includes branch March 18, 2019 14:56
@stumbaumr stumbaumr mentioned this pull request Apr 5, 2019
Closed
EugenMayer pushed a commit to KontextWork/opnsense_core that referenced this pull request Jul 22, 2019
@AdSchellevis @EugenMayer
IPsec, change paths for opnsense#3311 to align more with the standard…
8bf9b2e 
… sample configurations we ship
EugenMayer pushed a commit to KontextWork/opnsense_core that referenced this pull request Jul 22, 2019
@AdSchellevis @EugenMayer
ipsec, mixed-up includes see opnsense#3311
f860352
EugenMayer pushed a commit to KontextWork/opnsense_core that referenced this pull request Jul 22, 2019
@AdSchellevis @EugenMayer
IPsec, change paths for opnsense#3311 to align more with the standard…
f8da122 
… sample configurations we ship
EugenMayer pushed a commit to KontextWork/opnsense_core that referenced this pull request Jul 22, 2019
@AdSchellevis @EugenMayer
ipsec, mixed-up includes see opnsense#3311
114999a
@AdSchellevis AdSchellevis mentioned this pull request Oct 9, 2022
Closed
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@AdSchellevis AdSchellevis

Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@stumbaumr @fichtner @AdSchellevis @not-implemented